pfstat http://www.benzedrine.cx/pfstat.html pfstat is a small utility that collects packet filter statistics and produces graphs. Network Management http://www.pfsense.com/packages/config/pfstat.xml http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/All pfstat-1.7.tbz Stable 1.7 pfstat.xml pure-ftpd http://www.pureftpd.org/ Pure FTPd Server is a fast, production quality, standards-conformant FTP server based on Troll-FTPd. It has no known vulnerabilities, is trivial to set up, and is especially designed for modern kernels. Features include PAM support, IPv6, chroot()ed home directories, virtual domains, built-in 'ls', FXP protocol, anti-warez system, bandwidth throttling, restricted ports for passive downloads, an LDAP backend, XML output, and more. FTP http://www.pfsense.com/packages/config/pure-ftpd.xml http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/All pure-ftpd-1.0.20_1.tbz 1.0.20_1 Stable pure-ftpd.xml ftp pure-ftpd.log nmap http://www.insecure.org/nmap/ NMap is a utility for network exploration or security auditing. It supports ping scanning (determine which hosts are up), many port scanning techniques (determine what services the hosts are offering), version detection (determine what application/service is runing on a port), and TCP/IP fingerprinting (remote host OS or device identification). It also offers flexible target and port specification, decoy/stealth scanning, SunRPC scanning, and more. Most Unix and Windows platforms are supported in both GUI and command line modes. Several popular handheld devices are also supported, including the Sharp Zaurus and the iPAQ. Security http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/All nmap-3.70.tbz 3.70 Stable http://www.pfsense.com/packages/config/nmap.xml nmap.xml ntop http://www.ntop.org/ ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. Network Management http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/All ntop-3.0.tbz 3.0 Stable http://www.pfsense.com/packages/config/ntop.xml ntop.xml stunnel http://www.stunnel.org/ The stunnel program is designed to work as an SSL encryption wrapper between remote client and local (inetd-startable) or remote servers. It can be used to add SSL functionality to commonly used inetd daemons like POP2, POP3, and IMAP servers without any changes in the program's code. It will negotiate an SSL connection using the OpenSSL or SSLeay libraries. It calls the underlying crypto libraries, allowing stunnel to support whatever cryptographic algorithms you compiled into your crypto package. Network Management http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/All stunnel-4.05_1.tbz 4.05_1 Stable http://www.pfsense.com/packages/config/stunnel.xml stunnel.xml squid High performance Web proxy cache http://www.squid-cache.org/ Network Management http://www.pfSense.com/packages/All squid-2.5.7_5.tbz 2.5.7_5 BETA http://www.pfsense.com/packages/config/squid.xml squid.xml carp CARP is a tool to help achieve system redundancy by having multiple computers creating a single, virtual network interface between them. This allows another machine to respond in the event a server fails, and allows a degree of load sharing between systems. CARP is an improvement over the Virtual Router Redundancy Protocol (VRRP) standard. It was developed after VRRP was shown to possibly overlap a Cisco patent. http://www.openbsd.org/faq/faq6.html#CARP Network Management 0.1.0 ALPHA http://www.pfsense.com/packages/config/carp.xml carp.xml postfix Postfix mail forwarder. Forwards mail to another mail server. http://www.postfix.com/ Mail http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/mail postfix-1.1.12_1%2c1.tbz 1.1.12_1 ALPHA http://www.pfsense.com/packages/config/postfix.xml postfix.xml powerdns PowerDNS (AKA pdns) is an advanced high performance authoritative nameserver with MANY advanced features http://www.powerdns.com/ Network Management http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/All powerdns-2.9.16_4.tbz 2.9.16_4 ALPHA (NO GUI) http://www.pfsense.com/packages/config/powerdns.xml powerdns.xml freeradius http://www.freeradius.org/ FreeRADIUS is the premiere open source RADIUS server. It is fast, flexible, configurable, and supports more authentication protocols than many commercial servers. A client entry for localhost with the shared secret "pfsense" is defined on installation for easy integration with the captive portal. This package is currently intended to provide a local user database for captive portal and pptp - it does not employ SQL and is not meant to supplant an external RADIUS server for advanced tasks. Security http://www.pfsense.com/packages/config/freeradius.xml http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/All freeradius-1.0.1.tbz 1.0.1 Stable freeradius.xml radius radius.log ifstated http://www.openbsd.org/ The ifstated daemon runs commands in response to network state changes, which it determines by monitoring interface link state or running exter- nal tests. For example, it can be used with carp(4) to change running services or to ensure that carp(4) interfaces stay in sync, or with pf(4) to test server or link availability and modify translation or routing rules. This package is currently useless without the carp package installed. Network Management http://www.pfsense.com/packages/config/ifstated.xml http://www.pfsense.com/packages/All ifstated-20041117.tbz 20041117 ALPHA ifstated.xml iperf http://dast.nlanr.net/Projects/Iperf/ Iperf is a tool for measuring maximum TCP and UDP bandwidth, reminiscent of ttcp and nettest. It has been written to overcome the shortcomings of those aging tools. Iperf can also test UDP bandwidth, loss, and jitter. Network Management http://www.pfsense.com/packages/config/iperf.xml http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5.3-release/All iperf-1.7.0.tbz 1.7.0 ALPHA iperf.xml spamd http://www.openbsd.org/ Tarpits like spamd are fake SMTP servers, which accept connections but don't deliver mail. Instead, they keep the connections open and reply very slowly. If the peer is patient enough to actually complete the SMTP dialogue (which will take ten minutes or more), the tarpit returns a 'temporary error' code (4xx), which indicates that the mail could not be delivered successfully and that the sender should keep the mail in their queue and retry again later. Services http://www.pfsense.com/packages/config/spamd.xml http://www.pfsense.com/packages/All spamd-3.5_2.tbz 0.1.0 ALPHA spamd.xml pfflowd http://www.mindrot.org/pfflowd.html pfflowd converts OpenBSD PF status messages (sent via the pfsync interface) to Cisco NetFlow datagrams. These datagrams may be sent (via UDP) to a host of one's choice. Utilising the OpenBSD stateful packet filter infrastructure means that flow tracking is very fast and accurate. Network Management http://www.pfsense.com/packages/config/pfflowd.xml http://ftp2.freebsd.org/pub/FreeBSD/ports/i386/packages-5-stable/All/ pfflowd-0.6.tbz 0.6 BETA pfflowd.xml siproxd http://siproxd.sourceforge.net/ Siproxd is a proxy/masquerading daemon for the SIP protocol. It handles registrations of SIP clients on a private IP network and performs rewriting of the SIP message bodies to make SIP connections possible via a masquerading firewall. It allows SIP clients (like kphone, linphone) to work behind an IP masquerading firewall or router. Services http://www.pfsense.com/packages/config/siproxd.xml http://www.pfsense.com/~colin/All/ siproxd-0.5.9.tbz 0.5.9 ALPHA siproxd.xml